Google Compute Engine

To deploy Calico Cloud in Google Compute Engine (GCE), you must ensure that traffic between containers on different hosts is not dropped by the GCE fabric. There are a few different options for doing this depending on your deployment.

IP-in-IP encapsulation

Container traffic routing can be enabled by setting IP-in-IP encapsulation and NAT outgoing on the configured Calico Cloud IP pools.

See the IP pool configuration reference for information on how to configure Calico Cloud IP pools.

GCE cloud routes

Traffic routing in GCE can be achieved by utilizing GCE cloud routes and running Calico Cloud in policy-only mode. Kubernetes GCE cloud provider integration simplifies route configuration by enabling Kubernetes to handle creating routes.

Enabling workload-to-WAN traffic

To allow Calico Cloud networked containers to reach resources outside of GCE, you must configure outgoing NAT on your Calico Cloud IP pool.

Google Compute Engine

IP-in-IP encapsulation​

GCE cloud routes​

Enabling workload-to-WAN traffic​

IP-in-IP encapsulation

GCE cloud routes

Enabling workload-to-WAN traffic